From owner-freebsd-security Tue Aug 14 10:47:23 2001 Delivered-To: freebsd-security@freebsd.org Received: from breg.mc.mpls.visi.com (breg.mc.mpls.visi.com [208.42.156.101]) by hub.freebsd.org (Postfix) with ESMTP id 39DED37B40F for ; Tue, 14 Aug 2001 10:47:19 -0700 (PDT) (envelope-from hawkeyd@visi.com) Received: from sheol.localdomain (hawkeyd-host193.dsl.visi.com [208.42.101.193]) by breg.mc.mpls.visi.com (Postfix) with ESMTP id 6A19C2D056E for ; Tue, 14 Aug 2001 12:47:18 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.1/8.11.1) id f7EHlHD01899 for freebsd-security@freebsd.org; Tue, 14 Aug 2001 12:47:17 -0500 (CDT) (envelope-from hawkeyd) Date: Tue, 14 Aug 2001 12:47:17 -0500 From: D J Hawkey Jr To: freebsd-security@freebsd.org Subject: Is minicom exploitable under FreeBSD? Message-ID: <20010814124717.B1870@sheol.localdomain> Reply-To: hawkeyd@visi.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm not certain this is "technical enough" for this group, but it seems appropriate, none the less? Per the following synopsis, is minicom, as found in the packages collection, vulnerable? ---8<--- *** {01.19.020} Cross - Format string vulnerabilities in minicom An advisory was released recently demonstrating format string vulnerabilities in the upload/download functionality of minicom. If minicom is set sgid uucp (which was recommended at one point in time), it is possible to gain uucp group privileges and potentially use those privileges to gain root privileges (the advisory details a potential exploit path). No patches have been made available. This vulnerability has not been confirmed. Source: SecurityFocus Bugtraq --->8--- Minicom installed on my system as: [sheol] /usr/local/bin$ ll mini* -rwsr-xr-x 1 uucp dialer 132372 Nov 16 2000 minicom Not installed SGID, but it is SUID. I only use it to talk to my Cisco DSL modem over cuaa1; I can't figure out how to get 'cu' to talk to it (which I would if I could). TIA, Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message